<?php

// Refuse direct requests: NV_ADMIN is not defined anywhere in this file, so it
// has to be defined by the script that includes this one.
if (!defined('NV_ADMIN')) {
    die ("Access Denied");
}

// Module name used for the permission lookup, the language/config file names
// and the image path below.
$checkmodname = "Voting";
// checkmodac() is defined outside this file. Every function definition and the
// dispatcher below sit inside this if-block, so they only exist when it
// returned 1 for this module.
$adm_access = checkmodac("".$checkmodname."");
if ($adm_access == 1) {
// NOTE(review): $currentlang is interpolated into an include path and is not
// validated in this file; confirm the including script restricts it to known
// language names (no path separators) before it reaches this point.
if (file_exists("language/".$checkmodname."_".$currentlang.".php")) {
	include_once("language/".$checkmodname."_".$currentlang.".php");
}
// NOTE(review): same concern for $datafold, which also comes from outside
// this file and selects the directory the module config is loaded from.
if (file_exists("../$datafold/config_".$checkmodname.".php")) {
	include_once("../$datafold/config_".$checkmodname.".php");
}
define("IMG_PATH", "../images/modules/".$checkmodname."/");
/*********************************************************/
/* 		Nukeviet Voting -05/07/06		 */
/*********************************************************/
/**
 * Trim a value, convert HTML special characters to entities, then
 * backslash-escape what addslashes() escapes.
 *
 * No caller is visible in this file.
 * NOTE(review): addslashes() does not know the database connection's
 * character set; if the result is ever placed in SQL, prefer the database
 * layer's own escaping or bound parameters.
 */
function formatInput($input) {
	$trimmed = trim($input);
	$encoded = htmlspecialchars($trimmed);
	return addslashes($encoded);
}

/**
 * Print a table row holding the "activate comments" drop-down.
 *
 * The option values are 0, 1 and 2, labelled _NO, _ALL and _MEMBER in that
 * order; the option whose value loosely equals $acomm is marked selected.
 */
function acomm($acomm) {
    echo "<tr><td>"._ACTIVATECOMMENTS."</td><td>";
    echo "<select name=\"xacomm\">";
    $labels = array(_NO, _ALL, _MEMBER);
    foreach ($labels as $value => $label) {
        // Loose comparison kept on purpose: callers pass ints and strings.
        $mark = ($value == $acomm) ? " selected" : "";
        echo "<option name=\"xacomm\" value=\"".$value."\" ".$mark.">".$label."</option>\n";
    }
    echo "</select></td></tr>";
}

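/**
 * Render the Voting admin landing page: a table of the existing polls with
 * their edit/delete links, followed by step 1 of the "create poll" form.
 *
 * Reads the globals $adminfile, $language, $multilingual, $prefix, $db and
 * $checkmodname and writes HTML straight to the output.
 */
function polls() {
    global $adminfile, $language, $multilingual, $prefix, $db, $checkmodname;
    include ('../header.php');
    GraphicAdmin();
    title(_VOTINGADMIN);
    $list_polls = $db->sql_query("SELECT pollid, question, totalvotes, totalcomm, time FROM ".$prefix."_nvvotings  ORDER BY time DESC");
    if ($db->sql_numrows($list_polls) > 0) {
        OpenTable();
        echo "<center><font class=\"option\"><b>"._OLDPOLLS."</b></font><br>";

        echo "<table border=\"0\" cellpadding=\"2\">";
        while ($row = $db->sql_fetchrow($list_polls)) {
            $pollid = intval($row['pollid']);
            // The stored question is data, not markup: encode it so a poll
            // title cannot inject HTML or script into the admin page.
            $question = htmlspecialchars($row['question'], ENT_QUOTES);
            // Counters are printed as numbers only.
            $totalvotes = intval($row['totalvotes']);
            $totalcomm = intval($row['totalcomm']);
            $time = viewtime($row['time'],1);

            $editlink = "<a href=\"".$adminfile.".php?op=poll_edit&pollid=$pollid\">"._EDIT."</a>";
            $dellink = "<a href=\"".$adminfile.".php?op=poll_del&pollid=$pollid\">"._DELETE."</a>";

            echo "<tr valign=\"top\">"
                ."<td><a href=\"../modules.php?name=$checkmodname&op=viewpoll&pollid=$pollid\"><b>".$question."</b></a>"
                ."<br>".$time.""
                ."</td>"
                ."<td><b>".$totalvotes."</b> "._VOTES."</td>"
                ."<td><b>".$totalcomm."</b> "._COMMENTS."</td>"
                ."<td><a href=\"../modules.php?name=$checkmodname&op=pollvote&pollid=$pollid\" title=\""._MORE."\">"._MORE."</a></td>"
                ."<td width=\"20\"></td>"
                ."<td>[<b>".$editlink." - ".$dellink."</b>]</td>"
                ."</tr>";
        }
        echo "</table></center>\n";
        CloseTable();
    } else {
        // No poll exists yet.
        title (_CHUACOTHAMDO);
    }

    echo "<br>";
    // Step 1 of poll creation: comment mode, language and number of options.
    OpenTable();
    echo "<center><font class=\"option\"><b>"._CREATEPOLL."</b></font></center><br>"
        ."<form action=\"".$adminfile.".php\" method=\"post\">";
    echo "<table border=\"0\" cellpadding=\"2\" width=\"60%\" cellspacing=\"1\" align=\"center\">";
    acomm(2);
    if ($multilingual == 1) {
        echo "<TR><td>"._LANGUAGE.":</td>"
            ."<td><select name=\"planguage\">";
        echo select_language($language);
        echo "</select></td></tr>";
    } else {
        // Encoded because the value lands inside an HTML attribute.
        echo "<input type=\"hidden\" name=\"planguage\" value=\"".htmlspecialchars($language, ENT_QUOTES)."\">";
    }
    echo "<tr><td>"._NUMPOLLS."</td><td><select name=\"numopt\">";

    // Raise this limit to offer more than 20 options per poll; keep it in
    // step with whatever limit step 2 accepts.
    for ($i = 1; $i < 21; $i++) {
        echo "<option value=\"$i\"";
        if ($i == 5) echo " selected";
        echo ">$i</option>\n";
    }

    echo "</select></td></tr>";

    echo "<tr>"
        . "  <td  align=\"center\"><input type=\"hidden\"  name=\"op\" value=\"poll_creat_step2\">"
        . "  <input type=\"submit\" value=\""._CONTINUE."\">"
        . "  </td></tr>"
        . "  </table>"
        ."</form><br>";

    CloseTable();
    include ('../footer.php');
}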

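/**
 * Step 2 of poll creation: print the question field and $numopt empty
 * option fields, carrying the step 1 choices forward in hidden inputs.
 *
 * @param mixed $xacomm    comment mode chosen in step 1 (0, 1 or 2 in the form)
 * @param mixed $planguage poll language chosen in step 1
 * @param mixed $numopt    number of option fields to print
 */
function poll_creat_step2($xacomm, $planguage, $numopt) { //step 2
    global $adminfile, $language, $admin, $multilingual, $prefix, $db;

    // All three values arrive from the request and are echoed into the page,
    // so reduce them to safe forms before any output is produced.
    $xacomm = intval($xacomm);
    $numopt = intval($numopt);
    if ($numopt > 20) {
        // Step 1 offers 1..20; an unbounded count would let one request
        // make this loop print an arbitrary number of rows.
        $numopt = 20;
    }
    // The language picked in step 1 has to be carried forward; the site
    // language is only a fallback when nothing usable was submitted.
    if (!is_string($planguage) || $planguage == "") {
        $planguage = $language;
    }
    $planguage = htmlspecialchars($planguage, ENT_QUOTES);

    include ('../header.php');
    GraphicAdmin();
    OpenTable();
    echo "<center>"._CREATNOTE."</center>";
    echo "<center><form action=\"".$adminfile.".php\" method=\"post\">";
    echo "<input type=\"hidden\" name=\"planguage\" value=\"".$planguage."\"><br>";
    echo "<input type=\"hidden\" name=\"xacomm\" value=\"".$xacomm."\"><br>";
    echo "<table border=\"0\" cellpadding=\"2\" cellspacing=\"1\" align=\"center\">"
        . "  <TR>"
        . "	<TD>"._QUESTION."</TD>"
        . "	<TD><input type=\"text\"  name=\"npollquestion\" size=\"50\"></TD>"
        . "  </TR>";
    for ($i = 0; $i < $numopt; $i++) {
        $j = $i + 1;
        echo "<tr><td>"._OPTION." $j:</td><td><input type=\"text\" name=\"noptiontext[]\" size=\"50\" maxlength=\"50\"></td></tr>";
    }
    echo "<tr>"
        . "  <td width=\"100%\" colspan=\"2\" align=\"center\"><input type=\"hidden\"  name=\"op\" value=\"poll_creat_step3\">"
        . "  <input type=\"submit\" value=\""._ADD."\">"
        . "  <input type=\"reset\" value=\""._RESET."\"></td>"
        . "  </tr>"
        . "  </table>"
        ."</form></center><br>";

    CloseTable();
    include ('../footer.php');
}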

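/**
 * Step 3 of poll creation: validate the submitted poll and insert it.
 *
 * A poll needs a non-empty question and at least two non-empty options;
 * otherwise the _CANNOTADD page is shown and the script ends. On success the
 * browser is redirected to the poll list.
 *
 * Options and their vote counters are stored as "|"-separated strings.
 *
 * @param mixed $xacomm        comment mode, stored as an integer
 * @param mixed $planguage     poll language
 * @param mixed $npollquestion poll question
 * @param mixed $noptiontext   list of option texts from the form
 */
function poll_creat_step3($xacomm, $planguage, $npollquestion, $noptiontext) {  //step3 = complete
    global $adminfile, $language, $admin, $multilingual, $prefix, $db;

    // A request without any noptiontext[] field must not reach count()/foreach
    // as a non-array.
    if (!is_array($noptiontext)) {
        $noptiontext = array();
    }

    $noptiontext2 = array();
    $votestring = array();
    foreach ($noptiontext as $text) {
        if (!is_string($text) || $text == "") {
            continue;
        }
        // Every request string that ends up inside the quoted SQL literal
        // gets the same stripslashes(FixQuotes()) treatment the question
        // receives below; previously only the question did.
        // "|" is the storage separator, so it cannot be part of an option.
        $noptiontext2[] = str_replace("|", " ", stripslashes(FixQuotes($text)));
        $votestring[] = '0';
    }
    $options = count($noptiontext2);

    if ($npollquestion == "" || $options < 2) {
        include ('../header.php');
        GraphicAdmin();
        title(_CANNOTADD);
        include ('../footer.php');
        exit;
    }

    $votestring = implode("|", $votestring);
    $optionstring = implode("|", $noptiontext2);
    $time = time();
    $xacomm = intval($xacomm);
    $npollquestion = stripslashes(FixQuotes($npollquestion));
    $planguage = is_string($planguage) ? stripslashes(FixQuotes($planguage)) : "";

    // NOTE(review): FixQuotes() is defined outside this file. Confirm it is
    // sufficient for the database driver in use, or move this statement to
    // the database layer's own escaping / bound parameters.
    $db->sql_query("INSERT INTO ".$prefix."_nvvotings VALUES (NULL, '$npollquestion', '$votestring', '$optionstring', '$options', '$xacomm', '0', '0', '$time', '$planguage')");
    Header("Location: ".$adminfile.".php?op=polls");
    exit;
}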

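/**
 * Print the edit form for one poll: question, language, comment mode, the
 * existing options (each with a delete checkbox) and five blank fields for
 * new options. Redirects to the poll list when the poll does not exist.
 *
 * @param mixed $pollid poll id, reduced to an integer before use
 */
function poll_edit($pollid) {
    global $adminfile, $language, $admin, $multilingual, $prefix, $db;
    $pollid = intval($pollid);
    $sql = "SELECT * FROM ".$prefix."_nvvotings WHERE pollid='$pollid'";
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    if (!$row) { Header("Location: ".$adminfile.".php?op=polls"); exit; }

    // Options and vote counters are stored as "|"-separated strings.
    $option = explode("|", $row['optiontext']);
    $votes = explode("|", $row['votes']);
    $acomm = intval($row['acomm']);
    $planguage = $row['planguage'];
    $totalvotes = intval($row['totalvotes']);
    $numoptions = intval($row['options']);

    include ('../header.php');
    GraphicAdmin();
    OpenTable();
    echo "<form action=\"".$adminfile.".php\" method=\"post\">";
    echo "<input type=\"hidden\" name=\"pollid\" value=\"$pollid\"><input type=\"hidden\" name=\"totalvotes\" value=\"$totalvotes\"><br>";
    // Stored text goes into value="..." attributes: encode it so a quote or
    // angle bracket in the data can neither break the field nor inject markup.
    echo "<table border=\"0\" cellpadding=\"2\" cellspacing=\"1\" align=\"center\">"
        . "<TR>"
        . "<TD><b>"._QUESTION."</b></TD>"
        . "<TD><input type=\"text\"  name=\"npollquestion\" size=\"50\" value=\"".htmlspecialchars($row['question'], ENT_QUOTES)."\"></TD>"
        . "</TR>";
    if ($multilingual == 1) {
        echo "<tr><td>"._LANGUAGE.":</td><td>"
            ."<select name=\"planguage\">";
        echo select_language($planguage);
        echo "</select>";
        echo "</td></tr>";
    } else {
        echo "<input type=\"hidden\" name=\"planguage\" value=\"".htmlspecialchars($planguage, ENT_QUOTES)."\">";
    }
    // acomm() prints a complete <tr>...</tr> itself, so it is not wrapped in
    // another row here.
    acomm($acomm);
    for ($i = 0; $i < $numoptions; $i++) {
        $j = $i + 1;
        // Tolerate a row whose stored lists are shorter than its option count.
        $text = isset($option[$i]) ? htmlspecialchars($option[$i], ENT_QUOTES) : "";
        $count = isset($votes[$i]) ? intval($votes[$i]) : 0;
        // The checkbox carries an explicit index: browsers submit only the
        // ticked boxes, so "del[]" would renumber them from 0 and the save
        // step would remove the wrong options.
        echo "<tr><td>"._OPTION." $j:</td><td><input type=\"hidden\"  name=\"votes[]\" value=\"".$count."\"><input type=\"text\" name=\"noptiontext[]\" size=\"50\" maxlength=\"50\" value=\"".$text."\"> <input type=\"checkbox\" name=\"del[".$i."]\" value=\"1\"> "._DELETE."</td></tr>";
    }
    // Five blank fields for adding options.
    for ($i = 0; $i < 5; $i++) {
        $j = $i + $numoptions + 1;
        echo "<tr><td>"._OPTION." $j:</td><td><input type=\"text\" name=\"noptiontext2[]\" size=\"50\" maxlength=\"50\" value=\"\"></td></tr>";
    }
    echo "<tr>"
        . "<td width=\"100%\" colspan=\"2\" align=\"center\"><input type=\"hidden\"  name=\"op\" value=\"poll_edit_save\">"
        . "<input type=\"submit\" value=\""._SAVE."\"></td>"
        . "</tr>"
        . "</table>"
        . "</form><br>";

    CloseTable();
    include ('../footer.php');
}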


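/**
 * Save an edited poll, then redirect to the poll list.
 *
 * Existing options ticked for deletion are dropped and their votes are
 * subtracted from the total; non-empty new options are appended with zero
 * votes. Nothing is written when the poll id does not match exactly one row.
 *
 * @param mixed $pollid        poll id, reduced to an integer
 * @param mixed $npollquestion poll question
 * @param mixed $planguage     poll language
 * @param mixed $xacomm        comment mode, stored as an integer
 * @param mixed $votes         per-option vote counters posted back by the form
 * @param mixed $noptiontext   texts of the existing options
 * @param mixed $noptiontext2  texts of newly added options
 * @param mixed $del           delete flags, keyed by option index
 * @param mixed $totalvotes    total vote count posted back by the form
 */
function poll_edit_save($pollid, $npollquestion, $planguage, $xacomm, $votes, $noptiontext, $noptiontext2, $del, $totalvotes) {
    global $adminfile, $db, $prefix;
    $pollid = intval($pollid);
    if ($db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_nvvotings WHERE pollid='$pollid'")) == 1) {
        // Fields missing from the request arrive as non-arrays; normalise
        // them so the loops below never index or count a scalar.
        if (!is_array($votes)) { $votes = array(); }
        if (!is_array($noptiontext)) { $noptiontext = array(); }
        if (!is_array($noptiontext2)) { $noptiontext2 = array(); }
        if (!is_array($del)) { $del = array(); }

        // Every request string placed inside a quoted SQL literal gets the
        // same stripslashes(FixQuotes()) treatment; previously only the
        // question did.
        $npollquestion = stripslashes(FixQuotes($npollquestion));
        $planguage = is_string($planguage) ? stripslashes(FixQuotes($planguage)) : "";
        $xacomm = intval($xacomm);

        $optionstring = array();
        $optionvotes = array();
        $tru = 0; // votes that belonged to deleted options
        $existing = count($noptiontext);
        for ($i = 0; $i < $existing; $i++) {
            $cast = isset($votes[$i]) ? intval($votes[$i]) : 0;
            // An unticked checkbox is simply absent from the request.
            if (isset($del[$i]) && $del[$i] == 1) {
                $tru = $tru + $cast;
                continue;
            }
            $text = (isset($noptiontext[$i]) && is_string($noptiontext[$i])) ? $noptiontext[$i] : "";
            // "|" is the storage separator, so it cannot be part of an option.
            $optionstring[] = str_replace("|", " ", stripslashes(FixQuotes($text)));
            $optionvotes[] = $cast;
        }
        foreach ($noptiontext2 as $text) {
            if (!is_string($text) || $text == "") {
                continue;
            }
            $optionstring[] = str_replace("|", " ", stripslashes(FixQuotes($text)));
            $optionvotes[] = '0';
        }

        $options = count($optionstring);
        $optionstring = implode("|", $optionstring);
        $optionvotes = implode("|", $optionvotes);
        // NOTE(review): the counters come back from hidden form fields, so
        // votes cast while the form was open are overwritten and the values
        // are whatever the client sent; consider reading them from the row.
        $totalvotes = intval($totalvotes) - $tru;
        if ($totalvotes < 0) {
            $totalvotes = 0;
        }
        // NOTE(review): FixQuotes() is defined outside this file. Confirm it
        // is sufficient for the database driver in use, or move this
        // statement to the database layer's own escaping / bound parameters.
        $db->sql_query("UPDATE  ".$prefix."_nvvotings SET question='$npollquestion', votes='$optionvotes', optiontext='$optionstring', options='$options', acomm='$xacomm', totalvotes= '$totalvotes', planguage='$planguage' WHERE pollid='$pollid'");
    }
    Header("Location: ".$adminfile.".php?op=polls");
    exit;
}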

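/**
 * Delete a poll together with its votes and comments, after confirmation.
 *
 * With $ok == 1 the three DELETE statements run and the browser is sent back
 * to the poll list; otherwise a confirmation page naming the poll is shown.
 *
 * @param mixed $pollid poll id, reduced to an integer before use
 * @param mixed $ok     1 once the administrator has confirmed
 */
function poll_del($pollid, $ok=0) {
    // $pollid is deliberately not declared global: doing so rebinds the name
    // to the global variable and silently discards the argument.
    global $prefix, $db, $adminfile;
    $pollid = intval($pollid);

    if ($ok == 1) {
        // NOTE(review): the confirmed delete is an ordinary GET link and no
        // anti-CSRF token is checked in this file; confirm the admin front
        // controller enforces one, or switch this step to a POST with a token.
        $db->sql_query("DELETE FROM ".$prefix."_nvvotings WHERE pollid=$pollid");
        $db->sql_query("DELETE FROM ".$prefix."_nvvoting_votes WHERE pollid=$pollid");
        $db->sql_query("DELETE FROM ".$prefix."_nvvoting_comments WHERE pollid=$pollid");
        Header("Location: ".$adminfile.".php?op=polls");
        exit;
    }

    $sql = "SELECT question FROM ".$prefix."_nvvotings WHERE pollid='$pollid'";
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    if (!$row) {
        // Nothing to confirm for an unknown poll id.
        Header("Location: ".$adminfile.".php?op=polls");
        exit;
    }

    include("../header.php");
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"title\"><b>"._REMOVEPOLLS."</b></font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    // The stored question is encoded before it is printed into the page.
    echo "<center>"
        .""._DELETE."  : <b>".htmlspecialchars($row['question'], ENT_QUOTES)."</b><br>"
        .""._SURETODELPOLLS."";
    echo "<br><br>[ <a href=\"javascript:history.go(-1)\">"._NO."</a> | <a href=\"".$adminfile.".php?op=poll_del&pollid=$pollid&ok=1\">"._YES."</a> ]</center>";
    CloseTable();
    include("../footer.php");
}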



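/**
 * Delete one poll comment, after confirmation.
 *
 * With $ok == 1 the comment row is deleted, the poll's comment counter is
 * decremented and the browser is redirected to the poll's public page;
 * otherwise a confirmation page is shown.
 *
 * @param mixed $tid    comment id, reduced to an integer before use
 * @param mixed $pollid poll id, reduced to an integer before use
 * @param mixed $ok     1 once the administrator has confirmed
 */
function poll_del_comm ($tid, $pollid, $ok=0) {
    global $adminfile, $prefix, $db;
    // Both ids come from the request and are placed in SQL, in a Location
    // header and in a link; every other handler in this file reduces its ids
    // with intval(), and this one did not.
    $tid = intval($tid);
    $pollid = intval($pollid);

    if ($ok == 1) {
        // NOTE(review): the confirmed delete is an ordinary GET link and no
        // anti-CSRF token is checked in this file; confirm the admin front
        // controller enforces one.
        $db->sql_query("DELETE FROM ".$prefix."_nvvoting_comments WHERE tid='$tid'");
        $db->sql_query("UPDATE ".$prefix."_nvvotings SET totalcomm=totalcomm-1 WHERE pollid='$pollid'");
        Header("Location: ../modules.php?name=Voting&op=pollvote&pollid=$pollid");
    } else {
        include("../header.php");
        GraphicAdmin();
        OpenTable();
        echo "<center><font class=\"title\"><b>"._REMOVECOMMENTS."</b></font></center>";
        CloseTable();
        echo "<br>";
        OpenTable();
        echo "<center>"._SURETODELCOMMENTS."";
        echo "<br><br>[ <a href=\"javascript:history.go(-1)\">"._NO."</a> | <a href=\"".$adminfile.".php?op=poll_del_comm&tid=$tid&pollid=$pollid&ok=1\">"._YES."</a> ]</center>";
        CloseTable();
        include("../footer.php");
    }
}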

// Dispatch the requested admin operation to its handler. $op and the handler
// arguments are not assigned in this file; they come from the including
// script. An unknown $op does nothing.
// NOTE(review): no request-method or anti-CSRF token check is visible here
// for the state-changing operations (save, delete); confirm the admin front
// controller enforces one.
switch ($op) {
    // Poll list plus step 1 of the creation form.
    case "polls":
        polls();
        break;

    // Creation, step 2: question and option fields.
    case "poll_creat_step2":
        poll_creat_step2($xacomm, $planguage, $numopt);
        break;

    // Creation, step 3: validate and insert.
    case "poll_creat_step3":
        poll_creat_step3($xacomm, $planguage, $npollquestion, $noptiontext);
        break;

    // Delete a poll (confirmation page, then the delete itself).
    case "poll_del":
        poll_del($pollid, $ok);
        break;

    // Edit form for one poll.
    case "poll_edit":
        poll_edit($pollid);
        break;

    // Store the edited poll.
    case "poll_edit_save":
        poll_edit_save($pollid, $npollquestion, $planguage, $xacomm, $votes, $noptiontext, $noptiontext2, $del, $totalvotes);
        break;

    // Delete a single comment (confirmation page, then the delete itself).
    case "poll_del_comm":
        poll_del_comm($tid, $pollid, $ok);
        break;
}

} else {
    // checkmodac() did not return 1 for this module: none of the handlers
    // above were defined and nothing is dispatched.
    echo "Access Denied";
}

?>
